diff options
Diffstat (limited to 'dev-util/rats/files/rats-2.1-fix-null-pointers.patch')
| -rw-r--r-- | dev-util/rats/files/rats-2.1-fix-null-pointers.patch | 128 |
1 files changed, 0 insertions, 128 deletions
diff --git a/dev-util/rats/files/rats-2.1-fix-null-pointers.patch b/dev-util/rats/files/rats-2.1-fix-null-pointers.patch deleted file mode 100644 index 0d4c701f0bfc..000000000000 --- a/dev-util/rats/files/rats-2.1-fix-null-pointers.patch +++ /dev/null @@ -1,128 +0,0 @@ -diff -Nuar rats-2.1.orig/report.c rats-2.1/report.c ---- rats-2.1.orig/report.c 2002-09-16 21:05:43.000000000 -0700 -+++ rats-2.1/report.c 2006-05-21 23:16:16.323046789 -0700 -@@ -122,9 +122,15 @@ - return result; - } - -- -- -- -+/* Exclusively for debugging vulnerabilities. -+ * - robbat2@gentoo.org 21/05/2006 */ -+static void debug_vuln_dump(vulnerability_t *ptr) { -+ fprintf(stderr,"vuln_dump: this=%x f=%s l=%d c=%d d=%x t=%d s=%d u=%x p=(%x,%x)\n", -+ ptr, -+ ptr->filename,ptr->lineno,ptr->column, -+ ptr->data,ptr->type,ptr->severity, -+ ptr->uses,ptr->next,ptr->prev); -+} - - static void - replace_cfname(char *filename) -@@ -317,6 +323,27 @@ - insert_vulnerability(log); - } - -+/* These are special static vulnerabilities because we don't -+ * want NULL data elements in the vulnerability_t->data -+ * field, because the HTML and XML output formats use that -+ * pointer without checking it for being null first. -+ * - robbat2@gentoo.org 21/05/2006 */ -+static struct Vuln_t vuln_PerlBacktick = { -+ .Name = "Perl Backtick" -+}; -+static struct Vuln_t vuln_PhpBacktick = { -+ .Name = "PHP Backtick" -+}; -+static struct Vuln_t vuln_PythonBacktick = { -+ .Name = "Python Backtick" -+}; -+static struct Vuln_t vuln_StaticLocalBuffer = { -+ .Name = "Static Local Buffer" -+}; -+static struct Vuln_t vuln_StaticGlobalBuffer = { -+ .Name = "Static Global Buffer" -+}; -+ - void log_perlbacktick(int lineno, int column, Severity_t severity) - { - vulnerability_t * log; -@@ -325,7 +352,7 @@ - log->filename = current_file; - log->column = column; - log->lineno = lineno; -- log->data = (Vuln_t *)NULL; -+ log->data = &vuln_PerlBacktick; - log->type = PerlBacktick; - log->severity = severity; - log->uses = (toctou_use_t *)NULL; -@@ -342,7 +369,7 @@ - log->filename = current_file; - log->column = column; - log->lineno = lineno; -- log->data = (Vuln_t *)NULL; -+ log->data = &vuln_PhpBacktick; - log->type = PhpBacktick; - log->severity = severity; - log->uses = (toctou_use_t *)NULL; -@@ -358,7 +385,7 @@ - log->filename = current_file; - log->column = column; - log->lineno = lineno; -- log->data = (Vuln_t *)NULL; -+ log->data = &vuln_PythonBacktick; - log->type = PythonBacktick; - log->severity = severity; - log->uses = (toctou_use_t *)NULL; -@@ -374,7 +401,16 @@ - log->filename = current_file; - log->column = column; - log->lineno = lineno; -- log->data = (Vuln_t *)NULL; -+ switch(type) { -+ case StaticLocalBuffer: -+ log->data = &vuln_StaticLocalBuffer; -+ break; -+ case StaticGlobalBuffer: -+ log->data = &vuln_StaticGlobalBuffer; -+ break; -+ default: -+ log->data = (Vuln_t *)NULL; -+ } - log->type = type; - log->severity = severity; - log->uses = (toctou_use_t *)NULL; -@@ -432,6 +468,10 @@ - static void build_xml_vulnerability(vulnerability_t *ptr) { - int i; - -+ /* Debugging - robbat2@gentoo.org 21/05/2006 */ -+ if(ptr->data == NULL) -+ debug_vuln_dump(ptr); -+ - printf("<vulnerability>\n"); - - /* Output the severity */ -@@ -593,6 +633,8 @@ - void report_vulnerability(vulnerability_t *ptr) - { - int i; -+ if(ptr->data == NULL) -+ debug_vuln_dump(ptr); - - switch (ptr->type) - { -@@ -890,8 +932,10 @@ - - static void build_html_vulnerability(vulnerability_t *ptr) { - int i; -- -- -+ -+ /* Debugging - robbat2@gentoo.org 21/05/2006 */ -+ if(ptr->data == NULL) -+ debug_vuln_dump(ptr); - - /* Output the severity */ - printf(" <b>Severity: %s</b><br/>\n", |